Nezamudi.com

Posts Tagged ‘Cyber’

For your customers who own or manage commercial or residential property, an inherent amount of risk comes with the territory. Higher insurance premiums, potential harm to residents, employees or neighbors, and frivolous lawsuits are just a few of the consequences of unmonitored activity that takes place on their properties.

As a value-added reseller, you can offer your clients a sense of comfort through many security options. But the key to customer loyalty – and even greater sales in this area – is to maximize that comfort level by offering a security system that can be implemented and managed easily and affordably while providing state-of-the-art technology. And of course, you want that system to provide you with an incentive through attractive volume pricing.

Sound impossible to find? Not so.

Security Options: Then and Now

Security options traditionally have included stand-alone surveillance systems that were costly and disruptive to install, many times requiring extensive wiring and related construction.

Additional manpower also was needed on-site to monitor the systems. For these reasons, many potential customers wouldn’t consider them.

But great strides have been made in the technology behind these security systems, referred to today as cyber surveillance systems. In fact, the top surveillance systems on the market can move live video and audio wirelessly from on-site cameras to hand-held devices, such as personal digital assistants or even cell phones. What’s more, although the technology can be scaled to fit virtually any size facility, it is at the same time affordable to small- and mid-size business owners. This makes it an ideal new opportunity for VARs.

Cyber Surveillance: Reduced Anxiety, Reduced Operating Costs

Property and facility owners and managers are welcoming the technology with open arms. With real-time, on-demand access to live surveillance video and audio from virtually anywhere in the world, the technology provides a sense of security and peace of mind by enabling them to monitor their premises with their own eyes.

Because of their live, remote monitoring capabilities and on-demand access to archived video, cyber surveillance systems can reduce operational costs for your customers by eliminating the need for third-party security companies.

Seamless Integration Into Existing Computer Networks

At the same time, the live audio and video are also accessible on a personal computer through a Web-based interface. In fact, systems are available today that can be integrated seamlessly into existing computer networks that most businesses and facilities already have in place. Good cyber surveillance technology is also compatible with existing cameras. And although many products will bill themselves as integrable, top-tier systems are typically developed by companies that also have deep information technology, infrastructure, networking, and security experience.

There is an ever growing demand in computer usage ranging from home set up, SME business set-up and so on. Many sophisticated applications are used at many work facilities. Such applications would have consumed a good chunk of the companys profit, for the development. The problem with such delicate applications is, it would be either connected to yet other complicated and costly instruments. Such a set-up can be largely seen in research facilities. Besides, most of the confidential matter such as budget allocation, human resources, reports, and financial documents are communicated online.
The computers used in any set-up are highly vulnerable to attack from insiders and outsides. Another platform of communication cannot be initiated in the 21st century, as many companies run globally and sending a snail mail would totally slower the business process and retard the overall sales.

So, to ensure maximum security it is the company responsibility to protect their networking system. Below listed are the few cyber security tips to strengthen your business.

Antivirus Solutions
There are several antivirus solutions available in the market. But you must focus on getting the one that would increase the overall operational efficiency. In case of SME business type, it is advisable to have a system that needs a very minimum administrative cost. Care must be taken to overview the antivirus application and they must conform to the regulatory compliance. It is always recommended to take an interim monitoring to evaluate the efficiency of the process.

Access Control
As per the studies conducted on several security lapses happened over a period of time, one of the recurring reason is the unwanted access to many crucial contents. The company overlooks the employees ability to travel through their network maze and discover confidential content. Hence, apply appropriate security settings for each hierarchy level. It is always recommended to ban adult and gaming web sites. This would increase the work output.

Authentication
The growing demands of globalization put the company to run E-commerce business. This is like a two way sword and should be handled with care. None of the security breaches can be compensated, as the companys reputation is at stake. Under such circumstances, SSL certificate authentication method can be employed. The encryption of the network system over the transport layer through symmetric cryptography is advisable.

Cloud Security
Multi national companies must communicate actively through E-mail services. The geographically isolated offices of a MNC company initiate E-mail communication from trusted IP address service. The cloud security measure offers a higher layer of security by coupling the DNSBL and volume analysis. The Malware and malicious Spyware are inspected, and the behavior is analyzed. If any loops are identified it is blocked thereby preventing it from entering the network.

Finally to conclude, as the web threats are on the rise, there is need for the company to take proactive measures to strengthen their network security. By being proactive, refers to gather the recent threat data from diverse threat examination sources, and determine the appropriate solutions. Most importantly, there must be an awareness created amongst employees regarding the cyber safety. Without their cooperation, the overall security measures would take a setback.

In the midst of a global technological revolution, in this twenty-first century, connective devices have become a daily part of our lives. With the birth of social networking, users now have become their own media; publicly sharing opinions, debating in subjective accordance, communicating with other users within a diverse Internet community, publishing experiences through personal blogging, or appeasing the thirst for knowledge by means of unlimited Web content. With the Internet becoming increasingly public, societies adaption to social media has also lead to the increase of cyber crimes; the most common form Internet stalking/bullying.  Stalkers use their technological connections to harass a person or group of people through a variety of methods that are not limited to; false accusations, obsessive monitoring, mimicking or stealing ones identity, threatening, soliciting sexual activities, plagiarism of the victim’s content and unique ideas, gathering information for future attacks, and/or breeching computer security to hack or gain IP address. The drive of the cyber stalker is to cause distress to their victim(s) while gaining personal pleasures through unreasonable justifications.  While most novice cyber stalkers pose no threat, other than that of annoyance; the criminal actions of cyber stalking have lead to sexually motivated crimes, kidnapping, and death.

Cyber stalkers find their victims through various mediums such as social networking sites, search engines, online forums, message boards, chat rooms, or through electronic mail. These cyber stalkers behave with vile mannerisms such as the defaming of character to damage the victim’s reputation, contacting those connected with the victim in attempts to falsely accuse them with the hope that others turn against their victim, and/or creating fictitious accusations that are publicly posted on various social mediums online. Mostly associated with mental illness, a cyber stalker may choose to live vicariously through the victim by stealing content, parroting actions, or mimicking behaviors. This plagiarism happens after the stalker compulsively monitors the victim so to gather information – this monitoring usually takes place without the victim’s knowledge. A great deal, if not all, of that gained information is later used to satisfy the stalker’s unreasonable needs. In the attempt to gain information, the Internet stalker seeks out victim’s friends and/or family members to obtain personal information; such as photos, addresses, employment information, information about known traumatic life experiences, and other forms of private information. While most cyber stalkers act on their own, to appease their egos and gain satisfaction of their crimes; some encourage third parties to add to the distress and to continue the harassment. The Internet stalker then creates a tangled web of lies when the victim tries to put an end to the cruelty; these falsifications are usually done to place the blame on the victim. The stalker will seek attention by claiming it is the victim who is burdening them in the same ways that they are doing to the victim.

As diverse as mankind, in this newly defined technologically advanced world, so is the cyber stalker. Not limited to age, sex, or race; the cyber stalker’s profile is varied. The psychological profile, of the cyber stalker, is not limited to; living in a small or single room apartment, having bad personal hygiene, having very poor social skills so that they may have a limited number or no friends, knowing no life outside of the Internet due to insecurities that make them fear the real world, or having unique traits such abnormal beliefs about concrete facts. It is fairly common for the Internet stalker to take no pride in their appearance; often having facial hair, unmanaged or matted hair, body odor, dirty fingernails, unshaven areas of hair, and an overall unclean look due to their failure to bathe regularly.  These cyber criminals may live in a filthy environment; sleep on crusty unclean sheets, use a grimy bathroom, urinate and defecate in pots or buckets, and may live on quick fix foods; such as pizza, soda, microwave dinners, or crock pot experiments. These illicit individuals usually have not held down a job in months, work from home, or talk wildly about a job they do not have. Internet stalkers may also have varying unpleasant personal characteristics such as a lack of intimacy, tormented sexual fantasies that may involve causing pain to others, a troubled existence, criminal background, sexual inadequacies, varying untreated mental illnesses, a heightened ego, or fail to understand the personal needs of others. Cyber stalkers have little to no control over their abusive behaviors. Leading to more mystery, the cyber stalker will falsely claim one or more of these common profile descriptions in a method to appear normal to others. New-aged cyber bullies usually have more than a single victim; these stalkers are referred to by police and mental health councilors as serial cyber stalkers. Serial cyber stalkers may resort to violence or profane actions to seek attention, behaving as a small child having an attention orientated tantrum. These criminals may threaten the life of the victim, attempt to lessen the victims self esteem, degrade the victim, attempt to defame the victim publicly, wish death upon the victim and the family of the victim, and even gain personal information through IP address. Based on the skill of the criminal, a single Internet Provider (IP) address can reveal the given name and exact address of the victim. Internet stalkers will often blather of their IP successes to their victim(s). With this information the stalker may take his/her sickening obsession from the Internet and into the real world -– increasing the danger. It is these Internet to real world stalkers that are wanted in criminal cases; such as sexual assaults, kidnappings, and even murders. With online harassment increasing, and growing in technological dangers, it is very important for victims to protect themselves.

Those who find themselves as the victim of an individual with any of the above described behaviors should know they are not alone, as the influences of technology increases so does the crime of twenty-first century cyber bullying. Some Internet stalkers will keep more than one victim as their own trophies, unjustly viewing the victims as weaker links. Victims are encouraged by both authorities and mental health professionals to report these individuals. Reporting can be accomplished through social media networking medium, website owners, and to local law enforcement, based on the type of stalking. Victims need to be aware that if reported and the stalking does not cease or if they feel their life’s are in danger, law enforcement should be contacted. In this changing society no one should be forced to live with such criminal annoyances. The following rules should be followed, when dealing with such behaviors as the protection of oneself is extremely important on the Internet.

Rule One – The cyber stalker should not be responded to, interacted with, or engaged. Ignoring a cyber stalker is not as easy as it sounds, due to the fact that it is only human nature to act with self defenses or in the defense of family and friends. One should know never to argue with a cyber stalker, as these stalkers seek any and all attention they can receive. They do not act with maturities, or uphold the same values and morals, so any exchanges in social communication with a cyber stalker will be lost on the immature mentality of these mentally deficient criminal minds.

Rule Two –- Any and all transactions should be kept and filed away for the victim’s records. If the harassment occurs by email, file the abuse in a separate folder titled ‘abuse’ and print the email for a second method of record keeping. If the harassment occurs by website or social media network, screen captions should be taken at the very second that harassment is observed. These should be saved on the hard-drive in a folder titled ‘abuse’ and, again, printed for secondary records. Cyber stalkers are bullies that are very obsessive in their actions; many times these stalkers will close down accounts, change names, change emails, and so forth but continue the harassment. This is due to the belief that if they can change the information, they cannot be traced –- this is untrue in all forms. Transactions on the Internet are recorded through the database services of websites and also on the stalkers computer which cannot be deleted. This simply means that even if the stalker deletes public information, a copy of that information will always remain either on the network or the personal computer of the Internet stalker. In spite of this, information should always be copied by the victim and kept in a folder for their own records. These newly created names are very important to be recorded, as well.

Rule Three –- Attempt to understand the bully through the above profile, or through an online search for ‘cyber stalkers’. Understanding the bully may make it easier for the victim not to converse with the criminal behaviors. This research will show that when dealing with an Internet stalker, mental illness may be evidently manifested in their behaviors. Victims should note that when dealing with this type of ruthless delinquent, they are not dealing with individuals who behave with the same maturities and morel standings. However, while it may be human nature to pity the stalker, the victim should never allow that pity to come between proper punishment of the senseless attacks.

Rule Four –- Seek out help, while annoying sometimes a stalker can indeed be dangerous. If the abuse does not cease in due time, contact your local law enforcement and do not give up. Give to the police all collected information and a complete description of the stalkers behavior, along with any personal information if known. These cases will be left open, added to, and properly investigated by detectives.

Rule Five – Act as an observer as it is probable that the stalker has more than a single victim. Observations can be reported also, to the police. Again, record this observed behavior, file it away with the personal abuse, and report this in full context to those handling the reported case. Again, all stalking cases will be left open until the stalker is captured and not closed until punished accordingly. These authorities, bound by legalities, leave these cases open for new abuse to be collected via reports, observations by both the victim and detectives to be recorded; and notes to be added, by criminal detectives, with acquired personal information. These detectives may log on to the Internet stalkers account to view the harassment personally, recording each transaction, and allow their detection to be known by the owners who will comply with the investigation due to possible lawsuit via communications act.

In any event, rule one should always be observed for those who are victims of cyber stalking; don’t respond, interact with, or engage the bully. Negotiations or mediations are lost due to the unreasonable justifications Internet stalkers form — as an act of convincing themselves they are not to blame. After an in-depth investigation, mental health counseling is usually warranted; and can be done by 72-hour mental health warrant. Jail time is another outcome of these cases along with a civil or criminal lawsuit created by the victim. In this lawsuit the Internet stalker must pay for the legal fees of both the victim and self. In this twenty-first century everyday life has been affected by both computers and Internet connectivity, yet all users reclaim the rights to be treated with respect. While any shared opinion may result in disagreement or debate, when a user notices he/she is being followed, mimicked, threatened, or abused a case of cyber stalking may be in occurrence. Again, the victim should know their rights of online protection and the criminal behavior of Internet stalking should be punished in accordance with the law.

Simply put, cyber-extortion is the practice of demanding money in exchange for not carrying out activities which could involve a victim’s cyber information being at risk. It is an organised criminal activity, intent on obtaining a ransom in advance from an individual/group/organisation, for not launching attack on their corporate database, transactional website and computer networking systems.

Nowadays it is a mere child’s play for a teenage hacker to hack someone’s confidential information. When organised criminal groups get involved, they are looking at financial gain. However, despite the potential possibility of an attack, the businesses do not seem to be taking the threat very seriously. In fact, one of the reasons such threats are kept under wraps is because organisations wants to protect their image. Consumers can lose confidence in an organization, thereby leading to huge losses, particularly in terms of revenue since the media coverage can result in negative publicity.

In the past, the practice of cyber extortion was restricted to leaking credit card details or personal data of the customers. But today, hackers can disrupt business activities. Extortionists can threaten to incapacitate the victim’s computer system or the transactional website. This is known as denial-of-service (DoS) at tack where the business system is made unavailable to the potential customers and intended users. While launching DoS attack, cyber extortionists typically target a high-profile website or service hosted on their servers such as web servers, data centre servers, credit card payment gateways and even on the root nameservers.

The DoS attackers typically follow two techniques: one that crashes the services and the other that floods it. Either way, the victim company stands to lose its online link with the customers, suppliers and partners. The cyber criminals quietly take control over the business information systems and then assemble them into a coordinated network that can be used to send electronic transmissions that deface the targeted business website. These hijacked information systems are individually referred to as ‘zombies’.

The coordinated networks of zombies-for-hire are referred to as ‘botnets’. The botnet armies do not have geographical limit and can be comprised of hundreds, thousands or even tens-of-thousands of computers. With network communications becoming more important to the companies today, as illustrated by the increased reliance upon online purchasing, the urgency to protect these systems has increased.

What is surprising is that organisa tions are increasingly hiring cyberextortionist to incapacitate their business competitors. If hired, they offer discounts to make these extortionists loyal customers and in return are assured protection that the organisation would not be attacked by other corporate competitors. People would always remember the Massachusetts businessman who allegedly paid members of the computer underground to launch an organised and crippling distributed denial of service (DDoS) attacks against three of his competitors. In what federal officials are calling the first criminal case to arise from a DoS-for-hire scheme, the resulting chaos cost the competitors almost two million US dollars.

After the popularity of online banking transactions, cyber-extortionists have adopted scientific techniques to obtain ransom from the victim. They open several anonymous bank accounts, both, in and outside the country of residence to hide their identity. The cyber-attackers demand ransom in small chunks of payments so as to escape money laundering watchdogs. The technique of receiving small chunks of money through several pseudonymous bank accounts is called ‘smurfing’ which comes under the umbrella of money laundering.

An effective deterrent against the cyber threats is both expensive and time consuming, requiring lots of trainings for the IT staff and customers. Heavy costs include testing, perpetual monitoring and co-location services such as off-site data and system backup. Other costs can include intrusion prevention systems, DDoS protection, information security consultants, record keeping, and liability insurance. Assessing the risks, such as risk of a successful DDoS attack, typically includes hiring an outside service to assess the company’s network weaknesses.

This may include developing a series of planned and controlled attacks, including initiating DDoS attacks on the company. IT security experts can raise awareness that the benefits of such a test outweigh the costs and risks of having a preventable attack. In ‘Prevention of Electronic Crime Ordinance 2007’, the Federal Investigation Agency (FIA) is held responsible for taking care of business organisations from internal and external threats. Liaison with FIA could be helpful in terms of facilitating communication with appropriate Law Enforcement agencies that specialise in cybercrime.

Law Enforcement agencies with appropriate expertise may be able to provide tactical assistance and other helpful information, such as whether the threat is from a known source, whether a similar attack was threatened in the past and whether the attack is credible.

Cyber crime, Cyber terrorism and Cyber attack

Classifying a cyber attack as cyber terrorism or cyber crime is a bit difficult due to the complexity in the determination of the identity, intension, or the motivation of a cyber criminal. It can be very large in extent and could involve many other factors than a simple computer hacking.

Definition of Cyber crime

It is a kind of crime that targets computers and can involve a violation of patent, robbery of scholar property, copyright laws or trade secrets as well. However, it also includes espionage to produce unlawful copies of classified records. The commencement of cyber attacks by any terrorist group is also considered as cyber crime. Generally, the basic difference between a cyber crime and a cyber attack is found in the intention of an attacker.

Definition of Cyber terrorism

There is a lot definition exist for cyber terrorism like as the various definitions of terrorism. A security expert named as Dorothy Denning describes cyber terrorism as politically induced hacking operations projected to cause massive loss like as the severe economic breakdown or loss of life. Others denote cyber terrorism a massive substantial attack that tears down computerized infrastructures like as the telecommunications, electric power grid or the Internet without even touching a keyboard.

Usage of Botnets in Cyber crime

Nowadays, “Botnets” or “Bot Networks” are becoming a key tool for cyber crimes. It can easily be designed in a way that can effectively disrupt any targeted computer systems in many ways without possessing any especial technical expertise and can be immediately initiated in cyberspace by renting botnet services from any cyber criminal. Generally, a good number of compromised computers infected with malicious code are used to build up the botnets and these computers can be remotely monitored by the commands that are sent through the Internet. Moreover, hundreds or thousands of compromised computers can be used to block or disrupt the Internet traffic for the targeted systems or to distribute malware, viruses or spam as well. Because of the versatility of botnets it’s often delineated as “the knives of Swiss Army of underground economy”. However, the designer of botnets is generally called as the botmaster. A botmaster can easily make a handsome amount of money within a short time by rendering their exclusive technical expertise. Botnets are now the prime weapon to the fraud and extortionist for executing all sorts of cyber crimes. At present, the authors of various botnets software are trying to develop their software modules through the collaboration among them so that they can reuse their malicious code. This collaboration will make the future botnet more reliable and robust as well.

Cyber crime Organizations

We are often stunned about the strategy, operational vision, deployment and logistics of the highly organized online mafias. They not only act like the real companies, but they are also transnational organizations who are fervently operating throughout the world. Recently, the FBI (Federal Bureau of Investigation) has classified different professional positions that they have encountered in their cyber crime business. According to the report of FBI, every organization is well equipped with a good number of experts who are specialized in their own area. Here is an overview of the common positions within cyber crime organizations.

Coder- who develops the malware and exploit

Distributor- who trades with the stolen data

Tech expert- who safeguard the IT infrastructure of criminal organizations

Hacker- who seek and exploit the vulnerabilities of the targeted computer networks and systems

Fraudster- who encourage the potential victims through social business schemes like spam and phishing

Hosted system provider- who provide illegal content servers to the criminals

Money mule- who conduct wire transfer between the bank accounts

Teller- who transfer and legalize illegitimate incomes through the digital currency services

Organization leader- who organize the entire team and launch the attacks to the targeted victims

Now, it is high time to stand against all kinds of cyber crime and to protect our valuable documents, earnings and treasures as well. We must have to find an effective way to fortify the security of our computer networks and systems as well. Otherwise, the day will be not so far when our entire computer systems will be turned into the play ground of these ruinous cyber criminals!